package morpho.ccmid.android.sdk.network.modules;

import android.content.Context;
import android.os.Bundle;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import morpho.ccmid.android.sdk.network.NetworkEngine;
import morpho.ccmid.android.sdk.network.NetworkEvent;
import morpho.ccmid.android.sdk.network.NetworkParameter;
import morpho.ccmid.android.sdk.network.responses.EnrolmentData;
import morpho.ccmid.android.sdk.storage.AccountSettingsDAO;
import morpho.ccmid.android.sdk.storage.CcmidTerminalPrefs;
import morpho.ccmid.android.sdk.storage.OfflineAuthenticationHolder;
import morpho.ccmid.android.sdk.storage.TidTkHolder;
import morpho.ccmid.android.sdk.util.SP800SecureRandomHelper;
import morpho.ccmid.android.sdk.util.VersionUtils;
import morpho.ccmid.api.error.exceptions.CcmidException;
import morpho.ccmid.api.error.exceptions.CcmidNetworkException;
import morpho.ccmid.api.error.exceptions.CcmidRequestValidationFailureException;
import morpho.ccmid.api.error.exceptions.CcmidServiceException;
import morpho.ccmid.api.network.CryptoContext;
import morpho.ccmid.api.network.SRPUtil;
import morpho.ccmid.sdk.data.RegistrationTransaction;
import morpho.ccmid.utils.a;
import org.apache.commons.codec.binary.Base64;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes4.dex */
public class ActivateRoamingKeyringModule extends GenericNetworkModule<Bundle> {
    private static final String m = "ActivateRoamingKeyringModule";

    public ActivateRoamingKeyringModule(Context context) {
        super(NetworkRequest.ACTIVATE_ROAMING_KEYRING, NetworkEngine.getInstance(context).getSyncHttpClientCcmid());
    }

    public Bundle a(NetworkParameter networkParameter) throws CcmidException {
        CryptoContext cryptoContext;
        try {
            Context a2 = networkParameter.a();
            CryptoContext e = networkParameter.e();
            Bundle b = networkParameter.b();
            NetworkEvent networkEvent = NetworkEvent.ROAM_KEYRING;
            RegistrationTransaction registrationTransaction = (RegistrationTransaction) networkParameter.f();
            String a3 = a(e.getServerUrl(), b(a2, e.getServerUrl()), registrationTransaction.getId(), "events", networkEvent, a2);
            boolean isEnhancedKeyEncryption = registrationTransaction.getKeyring().getPolicy().getEnhancedSecurity() != null ? registrationTransaction.getKeyring().getPolicy().getEnhancedSecurity().isEnhancedKeyEncryption() : false;
            JSONObject a4 = a(networkParameter, registrationTransaction.getTranscipherKey(), isEnhancedKeyEncryption, networkEvent);
            if (b.containsKey(PARAMETERS.UNIQUE_ID) && b.getString(PARAMETERS.UNIQUE_ID) != null) {
                try {
                    a4.put(PARAMETERS.UNIQUE_ID, b.getString(PARAMETERS.UNIQUE_ID));
                } catch (JSONException e2) {
                    e2.printStackTrace();
                }
            }
            a(a2, m, a3, a4);
            Bundle bundle = new Bundle();
            int b2 = b();
            JSONObject a5 = a();
            if (b2 / 100 != 2) {
                a(e, b(), c(), a());
                throw null;
            }
            AccountSettingsDAO.a().a(a2, registrationTransaction.getKeyring().getId(), isEnhancedKeyEncryption);
            if ((a5.has("encryptedTemplate") && !a5.isNull("encryptedTemplate")) || ((a5.has("zkAppKeySalt") && !a5.isNull("zkAppKeySalt")) || (a5.has("encryptedMRZ") && !a5.isNull("encryptedMRZ")))) {
                bundle.putParcelable(PARAMETERS.ENROLMENT_DATA, new EnrolmentData(a5));
            }
            if (a5.has(PARAMETERS.PARAM_ENCRYPTED_PIN_SALT)) {
                cryptoContext = e;
                OfflineAuthenticationHolder.getInstance(a2).savePinSaltData(cryptoContext.decryptData(Base64.decodeBase64(a5.getString(PARAMETERS.PARAM_ENCRYPTED_PIN_SALT).getBytes()), VersionUtils.serverSupportsFunctionality(a2, e.getServerUrl(), VersionUtils.ServerFunctionality.DEVICE_AUTH_SHA256)), registrationTransaction.getKeyring().getId());
            } else {
                cryptoContext = e;
            }
            a(a2, cryptoContext, registrationTransaction.getKeyring().getId());
            if (b.containsKey(PARAMETERS.UNIQUE_ID) && b.getString(PARAMETERS.UNIQUE_ID) != null) {
                bundle.putString(PARAMETERS.UNIQUE_ID, b.getString(PARAMETERS.UNIQUE_ID));
            }
            return bundle;
        } catch (IOException e3) {
            throw new CcmidNetworkException("Unable to get data from remote server", e3);
        } catch (Exception e4) {
            throw new CcmidRequestValidationFailureException("Unable to parse server response", e4);
        }
    }

    public JSONObject a(NetworkParameter networkParameter, byte[] bArr, boolean z, NetworkEvent networkEvent) throws SecurityException, CcmidException {
        Context a2 = networkParameter.a();
        CryptoContext e = networkParameter.e();
        Bundle b = networkParameter.b();
        JSONObject a3 = a(networkEvent, b);
        try {
            byte[] byteArray = b.getByteArray(PARAMETERS.AUTHENTICATION_DATA);
            byte[] bytes = TidTkHolder.getInstance(a2).getTk().getBytes();
            byte[] bytes2 = TidTkHolder.getInstance(a2).getTid(e.getServerUrl()).getBytes();
            String string = b.getString(PARAMETERS.KEYRING_ID);
            if (string == null) {
                throw new IllegalArgumentException("Keyring can't be null");
            }
            if (byteArray == null) {
                byteArray = "12345678".getBytes();
            }
            String b2 = CcmidTerminalPrefs.a(a2).d() ? CcmidTerminalPrefs.a(a2).b() : e.getSrpKey();
            MessageDigest messageDigest = SRPUtil.getMessageDigest();
            byte[] generateRandomBytes = SP800SecureRandomHelper.generateRandomBytes();
            a3.put("zkAppKeySalt", new String(Base64.encodeBase64(generateRandomBytes)));
            a3.put("encryptedZkAppKey", new String(Base64.encodeBase64(e.encryptData(SRPUtil.asUnsignedByteArray(SRPUtil.computeVerifier(messageDigest, string.getBytes(), bytes, generateRandomBytes, b2)), this.e))));
            byte[] a4 = a.a(bytes, e.getPassword());
            if (z && e.getPrecedentSRPContext() != null) {
                a4 = e.getPrecedentSRPContext().encryptData(a4, this.e);
            }
            a3.put("encryptedUnlockKey", new String(Base64.encodeBase64(e.encryptData(a4, this.e))));
            a3.put("encryptedTranscipherKey", new String(Base64.encodeBase64(e.encryptData(a.a(bArr, byteArray), this.e))));
            a3.put("encryptedAppInstanceId", new String(Base64.encodeBase64(e.encryptData(bytes2, this.e))));
            a3.put("appInstanceId", new String(Base64.encodeBase64(bytes2)));
            return a3;
        } catch (NoSuchAlgorithmException e2) {
            throw new CcmidServiceException("Unable to instanciate algorithm", e2);
        } catch (GeneralSecurityException e3) {
            throw new CcmidServiceException("Unable to secure data", e3);
        } catch (JSONException e4) {
            throw new CcmidRequestValidationFailureException("Unable to parse server response", e4);
        }
    }

    @Override // morpho.ccmid.android.sdk.network.modules.GenericNetworkModule
    public String b(Context context, String str) {
        return a("api/{version}/transactions/registrations", AccountSettingsDAO.a().a(context, str));
    }
}
